ryandrake 5 hours ago

Every consumer tech company I’ve worked for had at least one guy who was a PM or in a PM-like role, who would say things like “InfoSec UX is confusing! Users don’t want to deal with IP addresses and firewalls and passwords and keys. We need to make the product easier to share by default!” This scenario seems to be what happens when anyone actually listens to That Guy.

Sharing on the internet should be one of the hardest things to do in your product. You need to make enough friction that the user can never do it by accident or by default. And the user should be warned at every step.

tristor 19 minutes ago | parent | next [-]

Granted, I have only worked in B2B and never B2C, but as a technical PM, I care VERY much about security and am often the primary SME for several aspects of security (I was an engineer with a background in security for more than a decade before becoming a PM). Saying "Users don't want to deal with that and it should be easy" is not the same thing as "open a gaping security hole"; the fact that you are conflating them indicates that either the people you're referring to or you yourself lack creativity.

mmooss 4 hours ago | parent | prev [-]

The answer is to make sharing secure, easy, and with informed consent. The answer is not to impose IP addresses, NAT routing, keys, etc. so that only technical people can give their consent.

dotancohen 4 hours ago | parent [-]

How _does_ it work then, without imposing IP addresses, NAT routing, keys, etc?

mmooss 4 hours ago | parent | next [-]

One method (for many trans-NAT routing issues) is the manufacturer provides a proxy on the Internet, creates a secure connection between camera and proxy (controlling both ends, they should be able to navigate NAT issues, etc.), and then securely publishes the video. The manufacturer could encrypt the video E2E so they can't see it. This also hides the camera's location and IP.

All with informed consent of course.

Edit: Come to think of it, video chat apps (WhatsApp, Signal, etc.) seem to do this, at least sometimes.
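The relay design described in the comment above (camera and viewer share a pairing secret, the vendor runs a proxy that sees only ciphertext) as an added example. This is not code from the thread or from any camera vendor; the camera ID, the pairing secret, the "video"/"relay" key-derivation labels and the packet format are all assumptions made for the demo. The relay authenticates both ends with a derived token it is given, but the video key is derived separately from the same secret and never leaves the camera or the viewer, so the relay can route and store frames without being able to read them. The viewer also rejects replayed or out-of-order packets, which is the check a practitioner would want on top of "it's encrypted":

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Packet is what the camera hands to the vendor relay: ciphertext plus the
// public metadata the relay needs for routing. It carries no key material.
type Packet struct {
	CameraID string
	Seq      uint64
	Nonce    [12]byte
	Cipher   []byte // AES-GCM ciphertext followed by its 16-byte tag
}

// deriveKey turns the pairing secret into a purpose-bound 32-byte key (HMAC-SHA256,
// labels are assumptions). "video" keys stay with camera and viewer; the "relay"
// token is what the vendor gets, and it cannot be turned back into the video key.
func deriveKey(secret []byte, purpose, cameraID string) []byte {
	m := hmac.New(sha256.New, secret)
	m.Write([]byte(purpose))
	m.Write([]byte{0})
	m.Write([]byte(cameraID))
	return m.Sum(nil)
}

func newGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return aead
}

// aad binds each frame to its camera and sequence number so a packet cannot be
// re-labelled for another camera or slot without failing authentication.
func aad(cameraID string, seq uint64) []byte {
	b := make([]byte, 8)
	binary.BigEndian.PutUint64(b, seq)
	return append([]byte(cameraID), b...)
}

// Camera encrypts frames under the video key with a never-repeating nonce
// (random 4-byte prefix chosen at boot, then a counter).
type Camera struct {
	ID   string
	aead cipher.AEAD
	salt [4]byte
	seq  uint64
}

func NewCamera(id string, secret []byte) *Camera {
	c := &Camera{ID: id, aead: newGCM(deriveKey(secret, "video", id))}
	if _, err := rand.Read(c.salt[:]); err != nil {
		panic(err)
	}
	return c
}

func (c *Camera) Seal(frame []byte) Packet {
	c.seq++
	var nonce [12]byte
	copy(nonce[:4], c.salt[:])
	binary.BigEndian.PutUint64(nonce[4:], c.seq)
	return Packet{CameraID: c.ID, Seq: c.seq, Nonce: nonce,
		Cipher: c.aead.Seal(nil, nonce[:], frame, aad(c.ID, c.seq))}
}

// Relay is the vendor-operated proxy: it checks relay tokens and stores ciphertext.
type Relay struct {
	tokens map[string][]byte
	queue  map[string][]Packet
}

func NewRelay() *Relay {
	return &Relay{tokens: map[string][]byte{}, queue: map[string][]Packet{}}
}

func (r *Relay) Register(cameraID string, token []byte) { r.tokens[cameraID] = token }

func (r *Relay) Publish(token []byte, p Packet) error {
	if !hmac.Equal(r.tokens[p.CameraID], token) {
		return errors.New("relay: bad token")
	}
	r.queue[p.CameraID] = append(r.queue[p.CameraID], p)
	return nil
}

func (r *Relay) Fetch(cameraID string, token []byte) ([]Packet, error) {
	if !hmac.Equal(r.tokens[cameraID], token) {
		return nil, errors.New("relay: bad token")
	}
	return r.queue[cameraID], nil
}

// Viewer holds the video key and refuses replayed or reordered packets.
type Viewer struct {
	aead    cipher.AEAD
	lastSeq uint64
}

func NewViewer(cameraID string, secret []byte) *Viewer {
	return &Viewer{aead: newGCM(deriveKey(secret, "video", cameraID))}
}

func (v *Viewer) Open(p Packet) ([]byte, error) {
	if p.Seq <= v.lastSeq {
		return nil, errors.New("viewer: replayed or stale packet")
	}
	pt, err := v.aead.Open(nil, p.Nonce[:], p.Cipher, aad(p.CameraID, p.Seq))
	if err != nil {
		return nil, errors.New("viewer: authentication failed")
	}
	v.lastSeq = p.Seq
	return pt, nil
}

// RelayCanRead is what the vendor could try with the only key it holds: the
// relay token. GCM authentication fails, so the relay learns nothing.
func RelayCanRead(token []byte, p Packet) bool {
	_, err := newGCM(token).Open(nil, p.Nonce[:], p.Cipher, aad(p.CameraID, p.Seq))
	return err == nil
}

func main() {
	secret := []byte("pairing-secret-shown-as-qr-at-setup") // constructed demo secret
	cam := NewCamera("cam-42", secret)
	token := deriveKey(secret, "relay", cam.ID)
	relay := NewRelay()
	relay.Register(cam.ID, token)
	for _, f := range []string{"frame-1", "frame-2"} {
		if err := relay.Publish(token, cam.Seal([]byte(f))); err != nil {
			panic(err)
		}
	}
	pkts, _ := relay.Fetch(cam.ID, token)
	fmt.Println("relay can read frames:", RelayCanRead(token, pkts[0]))
	v := NewViewer(cam.ID, secret)
	for _, p := range pkts {
		pt, err := v.Open(p)
		fmt.Printf("viewer seq=%d plaintext=%q err=%v\n", p.Seq, pt, err)
	}
	_, err := v.Open(pkts[0])
	fmt.Println("replay of seq 1 rejected:", err)
}
```

Two caveats the demo does not cover: the 4-byte random nonce prefix is fine for a single boot but a real device should rekey rather than rely on it across reboots, and the relay still sees who talks to whom and when, so "the vendor can't watch the video" is not the same as "the vendor learns nothing".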

ryandrake 4 hours ago | parent [-]

But then you’re tethered to the device manufacturer and probably need other Terrible UX like an account/credentials, password resets, and so on. And that tether also opens the door for the company to remote control the product, spy through telemetry, and remotely “alter the deal” at their whim. Some people might be ok with this but a “tether to the company” is a deal breaker to me for most products.

mmooss 4 hours ago | parent [-]

For me too, but we can manage keys, firewalls, routing, IP addresses, etc. The issue is a solution for the vast public of end users who can't do those things. Anyway, the vendor could offer the proxy as an optional service, and let you and I do what we want in some advanced mode.

ertian 2 hours ago | parent | prev [-]

I mean, realistically: let us run your thing, upload all data to our cloud, and then let us handle access control.